Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
https://exchange.xforce.ibmcloud.com/vulnerabilities/4627
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039
http://www.securityfocus.com/bid/1309